Return to jobs Return to jobs

Senior Privacy Counsel

Flo health

Clock

Posted over 30 days ago...

Join Flo as a Senior Counsel and lead the charge in pioneering privacy by design in health tech

Overview

icon Salary

No salary declared 😔

icon Location

London, England, United Kingdom,

icon Nomad Friendly?
Tick
icon Expires

Expires at anytime

At Flo, we're dedicated to advancing women's health through innovative technology while ensuring user privacy and data protection. As a market leader in digital health, Flo's commitment to privacy is deeply integrated into our product design, making it a thrilling time to join our legal and compliance team.

Role Summary:

  • Review and update global privacy policies and procedures.
  • Advise on product features ensuring privacy by design.
  • Support obtaining and maintaining ISO certifications (27001 & 27701).
  • Be part of an innovative team developing features like Anonymous mode.
  • Assist in Data Protection Impact Assessments and mitigation of privacy risks.
  • Conduct data protection audits and reviews.
  • Create and deliver privacy training and best practice guidance.
  • Research emerging privacy laws and their impact on Flo.
  • Collaborate with technology and security teams on cyber and data privacy.
  • Act as a trusted advisor across Flo teams.

Role Requirements:

  • Qualified solicitor in the UK with 5+ years’ PQE.
  • Experience in tech, software products, or health tech industries.
  • Global data protection law knowledge, including US.
  • Practical experience in privacy by design.
  • Risk management skills.
  • Familiarity with OneTrust, JIRA, Confluence.
  • CIPP certifications (preferred).
  • Agile methodologies understanding (preferred).

Legal and Compliance are partners across the whole business here at Flo. They watch over everything: Flo’s privacy programme, compliance with regulatory obligations, contract management, IP enforcement… you name it. 

The team’s divided into three groups - Privacy & Data Protection, Regulatory & Compliance, and Legal Services, each managing its own area. 

This role’s all about delivering on Flo’s continued commitment to data privacy by design. It’s a senior counsel position reporting directly to our VP of Privacy, sitting as part of a team of four doing some really exciting work.

Day to day, this role will be key in reviewing privacy policies, advising on the launch of product features, and helping to ensure privacy by design and as default across all areas of our business. From a certification perspective, we’ve achieved our ISO 27001 certification (and were the first business of our kind with it!), and have now also secured certification to ISO 27701.

On top of the day to day and certification work, there’s also an exciting chance to be part of a truly innovative product; a commitment to privacy is baked into our features, and we’re a market leader not only thanks to our medical credibility, but also for our groundbreaking work on features like Anonymous mode.

Your Experience

Must have:


  • Qualified solicitor in the UK with +5  years’ PQE
  • Proven track of work in a tech company, or in-house with a software product focussed organisation
  • Knowledge of data protection laws globally (including the US)
  • Practical experience in privacy by design
  • Knowledge of risk management
  • Knowledge of OneTrust, JIRA, Confluence

Nice to have:


  • CIPP certifications (CIPP/E, CIPM, CIPT, CIPP/US of others)
  • Knowledge of agile methodologies
  • Proven track of work in a health tech, digital health or digital wellness company

What you'll be doing

You'll be responsible for:


  • Develop and maintain global privacy policies and procedures with appropriate attention to detail and an appreciation of practical application
  • Provide prompt and pragmatic privacy and data protection advice to the business (special focus on worldwide data driven initiatives)
  • Give guidance to ensure data protection is baked into the design, build, test and deployment stages across activities and departments
  • Support the VP of Privacy in carrying out Data Protection Impact Assessments (DPIAs), and providing practical solutions to mitigate privacy risks
  • With support of the team, undertake data protection audits and reviews and speak confidently to controls in audits
  • Proactively assist with the creation and delivery of staff training, playbooks and guidance in privacy best practice
  • Undertake legal research on emerging privacy and data protection laws and guidance and consider how legislation impacts Flo’s practices
  • Work to ensure that data protection and best practices are fully integrated into Flo’s compliance framework
  • Support our technology and information security teams on cyber security, data privacy and data ownership
  • Manage strong relationships with Flo teams and act as a trusted advisor.

You'll be targeted on:


  • Successfully providing timely  business-oriented and compliant privacy solutions to the company on various topics such as: consent management, retention, data mapping and discovery, DSAR, and others
  • Assisting with aligning our practices to  the controls of ISO 27701.
  • Meeting sprint deadlines and quarterly targets in your areas of responsibilities. 
  • Successful rollout of educational and partnering sessions for various product and engineering stakeholders

#LI-JC1 #LI-Hybrid 

Medal
Computer

Hire with Escape

Showcase your progressive organisation and post your open roles to the biggest UK community of purpose driven job seekers.

Get Started